Writing in The Guardian's Housing Network, Curo Chief Executive Victor da Cunha says that the sector needs to find smarter ways to manage risk if it's to compete in a wider business marketplace.
Managing risk is a topical and controversial issue for housing associations. With three high-profile failures and frauds recently reported by the Homes and Communities Agency in its regulatory judgements, good governance is high on all boards' lists of priorities.
Our way forward as a sector involves inherent risk. We need to find smarter ways to manage and mitigate it which will allow us to compete in an increasingly competitive commercial arena. The current situation is effectively one of self-regulation; we are expected to manage our assets and take risks in a mature and responsible way. If we're not up to the job, the regulator is going to be forced to step in and impose controls.
Risk management is normally delegated to the finance director, but we are making it central to everything we do. We have decided to take a radical approach to risk management, one that is quite different to our peers. As chief executive, I've taken responsibility for risk management and at every executive and board meeting, we dedicate a lot of time discussing how to deal with risk.
We now work with a consultant we call "the risk doctor" to keep up on track and we're putting in place a new risk management policy to analyse the benefits and risks that come with new opportunities we're presented with. We will no longer have a single contractor to carry out all our internal audits, instead we will seek partnerships with specialists to look more accurately at different areas of the business. We are also appointing an in-house business assurance adviser, directly reporting to me, who will administer the systems and deliver training to colleagues.
Risk and our control environment is part of a system of assurance which should be self improving – it's not simply about catching people out.
When I first joined Curo, our level of reported fraud was very low. It looked great on paper but it was unreliable. It just meant that the methods we used to uncover fraud might not have been working, and if we're not accurately uncovering fraud, how can we fight it? Right now, we are in the middle of providing all 400 colleagues with fraud awareness training so we can get a better picture of the risks in our organisation.
We have some way to go to be able to say we have fully embedded this approach and that all colleagues feel comfortable in coming forward to flag up concerns. So far, we have seen some very positive feedback from our regulator, but there is no system that is perfect and foolproof.
The process is by no means complete, but we're working on it. This is one of the most important things we can do to protect and strengthen our organisation and enable us to achieve our strategic goals.
This article originally appeared on the The Guardian's website on 14 January 2013.